CompTIA CySA+ (CS0-002) — Question 207

A product manager is working with an analyst to design a new application that will perform as a data analytics platform and will be accessible via a web browser. The product manager suggests using a PaaS provider to host the application. Which of the following is a security concern when using a PaaS solution?

Answer options

• A. The use of infrastructure-as-code capabilities leads to an increased attack surface.
• B. Patching the underlying application server becomes the responsibility of the client.
• C. The application is unable to use encryption at the database level.
• D. Insecure application programming interfaces can lead to data compromise.

Correct answer: D

Explanation

The correct answer is D because insecure APIs can expose sensitive data and lead to breaches. A is incorrect as infrastructure-as-code can be managed securely. B is not a concern specific to PaaS, as clients often handle patching in various environments. C is misleading as many PaaS solutions do support encryption at various levels.